Confessions of the QSA: An Introduction to the Payment Card Industry Data Security Standard

 

As most in the industry know, a QSA must be certified by the PCI Security Standards Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance. Created in 2004 by major credit card brands, such as Visa and American Express, the council acts as a form of self-regulation.

So, how did Weaver become an expert on PCI, and what types of solutions does it offer its clients?

On this episode of Weaver: Beyond The Numbers, host Tyler Kern talked with Trip Hillman, Director of Cyber Security Services at Weaver, and Kyle Morris, Manager of IT Advisory Services at Weaver. The trio dug into insights from Weaver’s Quality Security Assessor and explored how Weaver dove headfirst into PCI.

The PCI DSS applies to organizations that store, process, or transmit cardholder data, or that could affect its security. Companies that fall under this standard can demonstrate compliance in a variety of ways, such as completing an annual self-assessment questionnaire or bringing in a third-party, independent QSA to perform a full-blown report on compliance audit.

Morris is a QSA and started at Weaver about eight years ago. A few years into his career, one of their clients, a service provider, started getting asked by its customers whether they knew anything about PCI and the report on compliance. At the time, they hadn’t done anything with it, but decided to figure it out. That morphed into Weaver diving headfirst into PCI.

“We help people with self-assessment questionnaires or SAQs and everything from full-on ROCs for Fortune 50 Cloud Providers to small merchants to SaaS solutions,” Morris said.
